Build an MSP on Open Source Part 2: Netbird VPN with Authentik as the IdP. Access and Security.


This is a longer episode than normal, even for me, but I think the content here will give us a huge kickstart in the right direction for this venture. I wanted to provide something that you could start utilizing for anything, not just a business, so here is a full install of Docker, Docker Compose, NGinX Proxy Manager, Authentik, and Netbird. The next videos should be shorter now that we've laid our groundwork.
=== Links ===
Show Notes
Authentik (original show notes)
wiki.opensourceisawesome.com/...
Netbird (original show notes)
wiki.opensourceisawesome.com/...
This Episode (changes / additions)
wiki.opensourceisawesome.com/...
Get the AwesomeOpenSource Merchandise
awesomeopensource.creator-spr...
Support my Channel and ongoing efforts through Patreon:
/ awesomeopensource
Buy Me a Coffee or Beer
paypal.me/BrianMcGonagill?cou...
=== Timestamps ===
00:00 Beginning
00:08 Introduction
05:02 Thank You to my Patrons at Patreon
06:09 Get a Domain Name
06:42 Setup a Server
08:51 From Self Hosted to Hosted as we Grow
12:12 Add a Non-root User with sudo privileges
15:02 Install Docker-CE, Docker Compose, and NGinX Proxy Manager
24:05 Install and Configure Authentik
32:28 Create a Virtual LAN for our Servers in Digital Ocean
37:40 Create a Proxy to Authentik in our Virtual LAN (VPC)
38:28 Setup our Admin for Authentik
41:11 Setup Netbird VPN with Authentik
47:28 Setup an Auth Provider in Authentik for Netbird
59:54 Check our Netbird Configuration Files for Accuracy
01:01:30 Fix an Error I Made in the Setup
01:03:24 Update our Hosts file for Netbird
01:06:49 One Warning about Netbird vs Tailscale Clients
=== Contact ===
Twitter: @mickintx
Telegram: @MickInTx
Mastodon: @MickInTx@fosstodon.org
Try out SSDNodes VPS Services! Amazing Specs for incredibly low costs. I'm running a 32 GB RAM / $ CPU Server for only $9 a month! Seriously. For long term server usage, this is the way to go!
www.ssdnodes.com/manage/aff.p...
Get a $50.00 credit for Digital Ocean by signing up with this link:
m.do.co/c/a6a61ae55242
Use Hover as your Domain Name Registrar to get some great control over your domains / sub-domains:
hover.com/SHPaiirr
What does the money go to?
To Pay for Digital Ocean droplets, donations to open source projects I feature, any hardware I may need to purchase for future episodes (which I will then give to a subscriber in a drawing or contest).
=== Attributions ===
Intro and Outro music provided by www.bensound.com

Comments: 71

  • @netbirdio
    2 months ago

    Absolutely love it! Thank you for this video :)

  • @netbirdio

    2 months ago

    The part where Brian configures NetBird with Authentik is just brilliant. It is very detailed and highlights the caveats people might have (e.g., the hosts file point). We will link it to our docs 👍

  • @AwesomeOpenSource

    2 months ago

    Glad you guys like it, and thank you so very much for such an awesome open source project!

  • @Glatze603
    2 months ago

    Great content Brian! Thanks. For better security, you should enable 2FA for Authentik and then add a provider (proxy provider) and application for nginx proxy manager itself, so that the access is protected with 2FA of Authentik, too 🙂

  • @Glatze603

    2 months ago

    It seems that npm cannot be configured for authentik... Does anybody have an idea how to get 2FA for npm?

  • @AwesomeOpenSource

    2 months ago

    100%. Just didn't show it yet. But, I'd point folks to @Cooptonian as his Authentik videos are gold!

  • @AwesomeOpenSource

    2 months ago

    I think if you set NPM to Basic Auth (if possible), then you can use Authentik to login through that (again, just saw an @Cooptonian video that showed something like this).

  • @docmalitt
    2 months ago

    Dear AOS, this is really at the moment (trust me, been following bunch of well known and quite wholesome homelab enthusiasts) one of the most effective list of resources and tools for IT power-users who want to start something like a business on a budget, very small budget, but are not sure they want to leave everyday job. Also for unemployed (whatever the reason might be) to maybe earn some income. Even for those who aren't in a pinch for money (hard to find, but who knows...) to keep up with the ever changing and evolving tech. I mean, lately, every few months something crazy good comes out. Netbird with free 5/100 tier is amazing for practice as well as small home bizz. Anyways, I am packing 3 laptops and a Pi and right after installing Netbird time to figure out Authentik - and here comes ... your video. Thx a bunch

  • @AwesomeOpenSource

    2 months ago

    Absolutely my pleasure!

  • @pixelaccount3882
    2 months ago

    Priceless content

  • @AwesomeOpenSource

    2 months ago

    Thank you so much!

  • @waynestatic2912
    2 months ago

    Great video and explanation as always! Just a little tip about the authentik setup: you don't need to specify the version of image to pull in both .env and compose file, you just need to match the variable name which is different in this case. When the variable is the same docker will match the version specified in .env file and use the other one in compose as fallback.

  • @AwesomeOpenSource

    2 months ago

    Yeah, I don't recall at this point if I messed up that tag, or if that's how it was copied from them, but you're 100% right.

  • @clementinoytb
    2 months ago

    Thank you so much for this tutorial! You have no idea how much I have been looking forward to this! Thank you, you really are great at giving instructions, these videos are valuable resources!

  • @AwesomeOpenSource

    1 month ago

    Glad you like it my friend!

  • @premdon009
    2 months ago

    Great, I have been waiting for this video. Thanks for the video ❤

  • @AwesomeOpenSource

    2 months ago

    You are so welcome!

  • @adzieau
    2 months ago

    Thanks for the great video Brian, It took me a few hours to get through this one. I followed along the whole way. I had a few difficulties as I used a local provider for my servers and the settings were a bit different. Got there in the end. Looking forward to the next one greatly and starting to integrate some of the solutions into my own business I am just starting.

  • @AwesomeOpenSource

    1 month ago

    Super glad you were able to work through it. Excited that you are coming along with me.

  • @rdmerck
    1 month ago

    You make great content Brian, thanks for your hard work! Excited to see the next video

  • @AwesomeOpenSource

    1 month ago

    I appreciate that!

  • @muhammedcrow3123
    29 days ago

    Great content, Brian. I'm a longtime fan of the show, and right now I'm trying to create a similar thing as an MSP in my home country, and this series was a great resource for me. I wanted to ask, though: what if you're trying to create something like what Microsoft did with Azure and Intune for both device and user management but with OSS, where you use one account to access everything, and all services play nicely with each other? Thanks for all the efforts you're going through to put this knowledge out for the world.

  • @AwesomeOpenSource

    28 days ago

    I think SSO is definitely possible. The services playing nicely, is a different story. We are essentially pulling a bunch of different software together. I don't use Microsoft or Intune, but it's one thing to pull a bunch of things together, it's different to own all of it.

  • @gacjezv
    2 months ago

    Hey Brian, Great series. Can you add the notes when you have a minute? I have been wrestling with this exact install. Question: I didn't see the Netbird FQDN being routed via the NPM Proxy. Is that correct? I have all these on the same network, so I was going to route my FQDN via my proxy to the Netbird IP Address internally and then use Authentik to secure it.

  • @AwesomeOpenSource

    2 months ago

    I'm adding them now, might take a bit to get it all in, but I'll be referencing my original video notes as well. I updated those links in the description already. Just need to finish the show notes specific to this video.

  • @mmejia04
    22 days ago

    Great video...but I am kind of stuck. I use HAProxy (pfSense package), Authentik and I would like to setup NetBird. I am missing how to setup Netbird behind the HAProxy... any ideas?

  • @AwesomeOpenSource

    21 days ago

    You'll have to forward the web admin ports to your server, and also all of the ranges of ports it needs to that server. Not sure how well it will work. Not used HAProxy, so just not familiar with its setup.

  • @farzadmf
    2 months ago

    Thank you for the video. The links section seems to be missing for the show notes

  • @AwesomeOpenSource

    2 months ago

    Working on the show notes now. I'll have them by the end of day (if all goes better than yesterday anyway).

  • @farzadmf

    2 months ago

    Thank you for the update; hopefully everything goes well for you

  • @toddselby443
    2 months ago

    So would pika backup, that you showed in your last video, be a good backup solution for these servers?

  • @AwesomeOpenSource

    1 month ago

    I would recommend something like Borg Backup with BorgWarehouse, as these services don't have a desktop environment, which is needed for PikaBackup to work. The other option that I'll be looking at is URBackup, which is also a nice solution.

  • @toddselby443

    1 month ago

    @AwesomeOpenSource Thanks for the information!

  • @0ctatr0n
    21 days ago

    Did this setup allow a client to connect? I've set up the same thing using Caddy because I read the Nginx Proxy Manager doesn't support gRPC and as a result doesn't allow me to connect clients with whining about expecting a gRPC connection and getting a html/text 1.1 connection. I even ran the script version to find out how it sets up the CaddyFile to make gRPC work, still not working. Let me know when you do the episode showing it connecting to the clients

  • @AwesomeOpenSource

    17 days ago

    I can connect, but yes, you may have gRPC issues. It is something they use in Netbird for sure.

  • @0ctatr0n
    19 days ago

    Can you setup the Authentik and Netbird with purchasing two VPS instances? It'd also be nice to be able to use the VPS's for other things like email or website etc.. We're not all made of money

  • @AwesomeOpenSource

    17 days ago

    You can. You just need to adjust the ports they run on and adjust the proxy settings for them. It's a bit easier to do it the way I have, but I completely understand.

  • @shawonshovon226
    2 months ago

    Hello there! Could you please create a video that talks about open-source email validation system ? Bulk Email Verification Recher mail, AfterShip /email-verifier, truemail

  • @AwesomeOpenSource

    2 months ago

    Let me see what I can dig up.

  • @simongajdosik5105
    2 months ago

    Amazing guide! Thank you. Do you have shownotes available?

  • @AwesomeOpenSource

    2 months ago

    Working on the shownotes now. I got tied up yesterday with a multitude of unexpected issues, and am just now getting to add them.

  • @simongajdosik5105

    2 months ago

    @AwesomeOpenSource Thank you and I really appreciate your hard work! I just followed everything in the video and all is working as intended. Only issue I have is connecting to Win Server via RDP through Netbird network. Maybe you have some information about it?

  • @AwesomeOpenSource

    1 month ago

    Well, I'm not sure. Can you reach it via RDP through LAN?

  • @FineWine-v4.0
    2 months ago

    I was wondering if there was an open source tool to basically post ideas (like a PasteBin+Forum combo of sorts). It would be like an Adventure Guild quest board that you see in Fantasy Animes, putting bounties on tasks. Except here you could post ideas or a "wanted" list on what FOSS tools/apps are needed in this world to further help the cause of FOSS. This is just me thinking out aloud

  • @AwesomeOpenSource

    1 month ago

    I think you could use something like Lemmy for this, but there are some boards I've come across in the past that are more specifically for voting on certain things. I'll see what I can find.

  • @riaangrobler3447
    24 days ago

    Hi, great videos... but I'm stuck. :( Getting this error when starting the netbird Docker... >> Error response from daemon: failed to create task for container: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: error during container init: open /proc/sys/kernel/domainname: permission denied: unknown

  • @AwesomeOpenSource

    21 days ago

    Seems like it's hitting a permission error. Is your user in the docker group? If so, make sure not to bring up docker with sudo, you shouldn't need it. It's talking about the domain specifically, so maybe there's some issue with the domain name you've setup. Make sure it's typed in correctly.

  • @riaangrobler3447

    13 days ago

    @AwesomeOpenSource I gave up... could not get this to work. switched from nginx to caddy.. and then the quick start from Netbird worked. I guess the biggest problem was/is to get NGINX to work. The above error is when you use a container and not a VM...

  • @andreaslink6682
    2 months ago

    Very well done, Brian. Thank you a lot, this is good to reproduce, but I miss in general the IPv6 consideration a little bit in parallel to IPv4. I would assume Digital Ocean also provides IPv6 addresses in parallel, don't they? I think, it should not be skipped as many parts in the internet go IPv6 today and also to be future prepared, I would appreciate if you consider IPv6 in parallel within your setups as some things might be slightly different. So please move on as you are doing and thank you!

  • @AwesomeOpenSource

    1 month ago

    DO allows you to enable IPv6, but not on by default as I recall. I haven't mastered IPv6 yet for sure, but maybe that's an opportunity for me to get @scottibyte and @ibracorp involved in my series...they can school me on it a bit.

  • @onlyhexonotop4313
    2 months ago

    Hey bro Please make one video on zammad ticketing System installation

  • @AwesomeOpenSource

    1 month ago

    It's on my list for this series.

  • @AwesomeOpenSource

    1 month ago

    It's on my list for this series my friend.

  • @redetermine
    2 months ago

    My man, I would advise you to not show the IPs in a yt video. Some script kiddie might decide to ddos your stuff.

  • @medinarick3

    2 months ago

    He just kills the machines when he's done

  • @redetermine

    2 months ago

    @medinarick3 I doubt it, since the IPs at 1:57 didn't have anything to do with this video.

  • @metal-beard

    2 months ago

    yea, I hope it's just for demo because all the services are still available on HTTP.

  • @PopularWebz

    2 months ago

    Who cares? There's a reason we call these "Public IPs" The IPv4 space isn't very large. All public IPv4 addresses are scanned every day for open ports. No point pretending they are hidden.

  • @davidlakes5087

    2 months ago

    Once he’s registered a domain name and pointed DNS records to his IP addresses, those IPs are published for the whole world to see. That’s just how DNS works. Security through obscurity is no security at all.

  • @toddselby443
    1 month ago

    Along with starting a MSP, you should offer documentation services.

  • @AwesomeOpenSource

    1 month ago

    100%

  • @toddselby443

    1 month ago

    @AwesomeOpenSource You have the best show notes on KZread.
